Appendix 1

Signature Verification

Java
Node.js
Python
.Net
PHP

Step 1 : Import the required packages

import java.security.KeyFactory;
import java.security.PublicKey;
import java.security.Signature;

Step 2 : Create a PublicKey object from the public key bytes

KeyFactory keyFactory = KeyFactory.getInstance("RSA");
PublicKey publicKey = keyFactory.generatePublic(new X509EncodedKeySpec(publicKeyBytes));

Step 3 : Create a Signature object and initialize it with the public key

Signature signature = Signature.getInstance("SHA256withRSA");
signature.initVerify(publicKey);

Step 4 : Put all parameters except signedMessage as string and convert to bytes

response.setSequenceNo("1");
response.setSourceSystem("mxx");
response.setMsgVer("1.0");
response.setTxnID("20XX0825023XXXXX");
response.setResultCode("0");
response.setRespCd("00");
response.setOrgRespCd("00");
response.setRRN("32376300XXXX");
response.setSTAN("006XXX");
response.setAuthIdResp("945XXX");
response.setMRN("23237V6XXX");
response.setTxnDTTime("20230825143413");
response.setPaymentScheme("MC");
Gson gson = new Gson();
String jsonStr = gson.toJson(response);
byte[] messageBytes = jsonStr.getBytes();

Step 5 : Update the signature with the message bytes

signature.update(messageBytes);

Step 6 : Convert signedMessage to bytes and verify

boolean verified = signature.verify(signedMessageBytes);

Step 1 : Import the required packages

import forge from "node-forge";

Step 2 : Create a PublicKey object from the public key bytes

const publicKeyPath = "key/public.key";

const fetchPublicKey = async (path) => {
    try {
      const response = await fetch(path);
      const publicKey = await response.text();
      return publicKey;
    } catch (error) {
      //to do ...
    }
};

const publicKey = await fetchPublicKey(publicKeyPath);
const rsaPubicKey = forge.pki.publicKeyFromPem(publicKey);

Step 3 : Put all parameters except signedMessage as string

const request = {
    sequenceNo = '1',
    sourceSystem = 'mxx',
    MsgVer = '1.0',
    TxnID = '20230825023XXXXXX',
    ResultCode = '0',
    RespCd = '00',
    OrgRespCd = '00',
    RRN = '323763006XXX',
    STAN = '006XXX',
    AuthIdResp = '945XXX',
    MRN = '23237V6XXX',
    TxnDTTime = '20230825143413',
    PaymentScheme = 'MC'
};

const json = JSON.stringify(request);
const sourceSystem = "mxx";
const jsonString = `${sourceSystem}\n${json}`;
const signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb";
const decodedUrl = decodeURIComponent(signature);
const decodedBytes = atob(decodedUrl);

const byteBuffer = new Uint8Array(decodedBytes.length);
for (let i = 0; i < decodedBytes.length; i++) {
    byteBuffer[i] = decodedBytes.charCodeAt(i);
}

Step 4 : Verify the signature

const md = forge.md.sha256.create();
md.update(jsonString, "utf8");
const verified = rsaPubicKey.verify(md.digest().bytes(), byteBuffer);

Step 1 : Import the required packages

import cryptography

Step 2 : Create an RSAPublicKey object from your public key

public_key = cryptography.hazmat.primitives.asymmetric.RSAPublicKey.load_pem_public_key(
    open("public_key.pem").read()
)

Step 3 : Create a PKCS1v15 padding object

padding = cryptography.hazmat.primitives.asymmetric.padding.PKCS1v15()

Step 4 : Create a SHA256 hash object

hasher = cryptography.hazmat.primitives.hashes.SHA256()

Step 5 : Put all parameter except signedMessage as string

request_data = OrderedDict()
request_data["sequenceNo"] = "1"
request_data["sourceSystem"] = "mxx"
request_data["MsgVer"] = "1.0"
request_data["TxnID"] = "20230825023XXXXXX"
request_data["ResultCode"] = "0"
request_data["RespCd"] = "00"
request_data["OrgRespCd"] = "00"
request_data["RRN"] = "323763006XXX"
request_data["STAN"] = "006XXX"
request_data["AuthIdResp"] = "945XXX"
request_data["MRN"] = "23237V6XXX"
request_data["TxnDTTime"] = "20230825143413"
request_data["PaymentScheme"] = "MC"
json_string = json.dumps(request_data, separators=(",", ":"))
source_system="mxx"
message = f"{source_system}\n{json_string}"
signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb"

Step 6 : Use the verify() method to verify the signature

verified = public_key.verify(
    signature,
    hasher.update(message).digest(),
    padding=padding,
)

Step 1 : Import the required packages

using System.Security.Cryptography;

Step 2 : Create a PublicKey object from the public key bytes

var reader = System.IO.File.ReadAllText(@"E:\xxx\xxx\public.key");
RSA rsa = RSA.Create();
byte[] pubKey = Convert.FromBase64String(reader.Replace("-----BEGIN PUBLIC KEY-----", string.Empty)
    .Replace("-----END PUBLIC KEY-----", string.Empty)
    .Trim());
rsa.ImportSubjectPublicKeyInfo(pubKey, out _);

Step 3 : Put all parameter except signedMessage as string

request.sequenceNo = "1",
request.sourceSystem = "mxx",
request.MsgVer = "1.0",
request.TxnID = "20230825023XXXXXX",
request.ResultCode = "0",
request.RespCd = "00",
request.OrgRespCd = "00",
request.RRN = "323763006XXX",
request.STAN = "006XXX",
request.AuthIdResp = "945XXX",
request.MRN = "23237V6XXX",
request.TxnDTTime = "20230825143413",
request.PaymentScheme = "MC"

string json = JsonConvert.SerializeObject(request);
string sourceSystem = "mxx";
string jsonString = sourceSystem + "\n" + json;
string signature = "68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb";

Step 4 : Verify the signature

bool verify = rsa.VerifyData(Encoding.UTF8.GetBytes(jsonString), Encoding.UTF8.GetBytes(signature), HashAlgorithmName.SHA256, RSASignaturePadding.Pkcs1);

Step 1 : Import the OpenSSL extension

require_once 'vendor/autoload.php';

Step 2 : Create a new OpenSSL public key

$publicKeyFNXLocation = file_get_contents('key/xxx/xxx/public.key');
$publicKeyFNX = openssl_pkey_get_public($publicKeyFNXLocation);
$publicKeyDetailsFNX = openssl_pkey_get_details($publicKeyFNX);
$publicKeyPEM = $publicKeyDetailsFNX['key'];

Step 3 : Put all parameters except signedMessage as string

$paymentResponse->sequenceNo = '1';
$paymentResponse->sourceSystem = 'mxx';
$paymentResponse->MsgVer = '1.0';
$paymentResponse->TxnID = '20230825023XXXXXX';
$paymentResponse->ResultCode = '0';
$paymentResponse->RespCd = '00';
$paymentResponse->OrgRespCd = '00';
$paymentResponse->RRN = '323763006XXX';
$paymentResponse->STAN = '006XXX';
$paymentResponse->AuthIdResp = '945XXX';
$paymentResponse->MRN = '23237V6XXX';
$paymentResponse->TxnDTTime = '20230825143413';
$paymentResponse->PaymentScheme = 'MC';
$jsonStringResponse = json_encode($paymentResponse);
$jsonResponse = json_decode($jsonStringResponse);
$updateJsonResponse = json_encode($jsonResponse);
$minifiedJsonResponse = json_encode(json_decode($updateJsonResponse));
$sourceSystem='mxx';
$dataResponse = $sourceSystem . "\n" . $minifiedJsonResponse;
$minifiedJson = json_encode(json_decode($updateJson));

$decodedSignedMessage = '68acc11449277468cb5e619f16bcff62f5448fa3911a462fd52abadaf4bc8f3effb';
$decodedUrl = urldecode($decodedSignedMessage);
$decodedSignature = base64_decode($decodedUrl);

Step 4 : Verify the signature

$verifyResponse = openssl_verify($dataResponse, $decodedSignature, $publicKeyPEM, OPENSSL_ALGO_SHA256);

Appendix 1

Signature Verification​

CONNECT WITH US

Signature Verification